Networking
Chapter Network

1. OSI model

The International Organization for Standardization (ISO) developed the OSI framework architecture. Its seven-layer model is widely used to help understand networking concepts. A layered model improves development efficiency: the networking system is divided into 7 layers. Within each layer, one or more entities implement its functionality. Each entity interacts directly only with the layer immediately beneath it, and provides facilities for use by the layer above it. Protocols enable an entity in one host to interact with a corresponding entity at the same layer in another host. Service definitions abstractly describe the functionality provided to an (N)-layer by an (N-1) layer, where N is one of the seven layers of protocols operating in the local host.

2. TCP/IP

TCP/IP (Transmission Control Protocol/Internet Protocol) is the de facto communication protocol of the Internet. TCP/IP follows the 4-layer model described below:

Application Layer: sockets and ports are used to describe the path over which applications communicate. For example, telnet uses port 21, ssh uses port 22, and DICOM uses port 104.

Transport Layer: the Transmission Control Protocol (TCP) guarantees information transmission; for example, web browsing, ftp and DICOM use TCP. The User Datagram Protocol (UDP) transports datagrams without end-to-end reliability checking; it is used for video streaming.

Network Layer: the Internet Protocol (IP) is the primary protocol in the TCP/IP Network Layer. In addition, there are many supporting protocols in the Network Layer to facilitate and manage the routing process; for example, ICMP is used by “ping” to diagnose network problems.

Network Access Layer: it can be further subdivided into the Data Link Layer and the Physical Layer. The data link layer includes Ethernet 100/1000, wireless B/G/N etc. The physical layer defines the hardware communication properties; it includes the network interface card itself.

3. IP address

   a. Loop Back IP: 127.0.0.1 is used to test the TCP/IP stack; any packet sent to 127.0.0.1 is looped back on the same virtual interface.
   b. Private IP: 10.0.0.0/8, 172.16.0.1/12, 192.168.0.1/16

4. Hardware

   a. Patch panel/Punch down block
      Typically the network cable does not connect directly from the computer's network card to the hub/switch. Instead, RJ45 cables are pre-wired in current buildings, and each wall jack is pre-connected one to one to a punch down block/patch panel. In order to connect the computer to the switch, IT needs to connect the patch panel to the switch with a patch cable, and connect the computer to the wall jack with a patch cable. In addition, configuration may be needed on the switch, including activating the port, assigning the VLAN etc. The whole process could be called “activating the wall jack”.
   b. Hub/Switch
      Hubs and switches work at Layer 2 of the OSI model, the data-link layer. They transmit Ethernet frames, so they don’t look at IP address information, only Ethernet MAC addresses. The difference is that a switch can forward an Ethernet frame directly to the corresponding destination without flooding the rest of the computers in the network, which improves performance and security. Some Layer 3 switches work at the IP layer. A large network can be segregated into smaller logical networks, called VLANs (Virtual LANs).
   c. Router
      A router operates at Layer 3, the IP layer. A router can send IP packets between different networks.

5. Firewall and VPN

The majority of hospitals have a system-wide firewall to protect the internal network, which normally blocks traffic initiated from outside the network. Microsoft Windows XP, Vista and 7 have their own firewall to prevent abnormal access. In order to access internal information from outside the firewall, an exception is needed to permit such access. The Microsoft Windows firewall's functionality is primitive; there are only two kinds of settings, program and port.
The “program” setting controls which local programs can access the network, while the “port” setting controls which ports can accept connections from outside the network. In addition, a setting can be combined with a remote IP address or subnet to further limit access.

A Virtual Private Network (VPN) is used to encrypt the traffic between a remote system and a private network, so the system appears to connect directly to the private network. A VPN is typically used to add an exception to the system-wide firewall, so a remote computer can access the internal computers.

6. Remote Desktop, and SSH/X11

   a. Remote Desktop: Remote Desktop provides a user with a graphical interface to another computer. The user can access the remote computer with the same graphical interface, even without sitting in front of the remote computer.
   b. X Windows supports this functionality by default in Unix. Counterintuitively, the end you connect from is the X server, while the end you connect to is the X client. The X server needs to use the command “xhost +address_of_target” to allow X connections from the X client to the X server.
   c. VNC can support similar functionality in Windows and Unix, and it’s the default remote desktop software in Mac OS X.

7. Troubleshooting

   a. How to access network tools
      i. Start → Control Panel → Network Connections → Local Area Connection → Properties → Internet Protocol (TCP/IP)
      ii. Start → Run… → type “cmd” → OK
   b. How to view current IP information, DNS and MAC address?
      i. Start → Run… → type “cmd” → OK → “ipconfig /all”; the red line shows the MAC address, the magenta lines show the IP information, and the blue lines show the DNS information.

         C:\>ipconfig /all

         Windows IP Configuration

            Host Name . . . . . . . . . . . . : BHNBX232349
            Primary Dns Suffix . . . . . . . : RADONC.ORG
            Node Type . . . . . . . . . . . . : Unknown
            IP Routing Enabled. . . . . . . . : No
            WINS Proxy Enabled. . . . . . . . : No
            DNS Suffix Search List. . . . . . : RADONC.ORG
                                                cpmc.columbia.edu

         Ethernet adapter Local Area Connection:

            Connection-specific DNS Suffix . : cpmc.columbia.edu
            Description . . . . . . . . . . . : Intel® 82567LM-3 Gigabit Network Connection
            Physical Address. . . . . . . . . : 00-24-81-8E-2A-68
            Dhcp Enabled. . . . . . . . . . . : Yes
            Autoconfiguration Enabled . . . . : Yes
            IP Address. . . . . . . . . . . . : 156.145.34.196
            Subnet Mask . . . . . . . . . . . : 255.255.255.0
            Default Gateway . . . . . . . . . : 156.145.34.1
            DHCP Server . . . . . . . . . . . : 156.111.60.150
            DNS Servers . . . . . . . . . . . : 10.112.74.48
                                                10.112.74.49
            Lease Obtained. . . . . . . . . . : Monday, January 31, 2011 2:23:15 AM
            Lease Expires . . . . . . . . . . : Tuesday, February 01, 2011 2:23:15 AM

   c. How to test the network connectivity?
      i. Test the Ethernet connectivity
         1. Use “Network Connections” or “ipconfig”; if there is no Ethernet connection, there will be a warning such as “Media disconnected”.
         2. Check the link light on the network card; if it is not lit, this typically means the Ethernet connection has been lost.
      ii. Test the IP connectivity
         1. In Command Prompt, “ipconfig /all” to check the TCP/IP configuration.
         2. In Command Prompt, “Ping 127.0.0.1” to test the TCP/IP protocol installation.
         3. In Command Prompt, “Ping IP address” to test the TCP/IP network driver.
         4. In Command Prompt, “Ping default gateway” to test the connection to the router.
         5. In Command Prompt, “Ping other computer in the same network” to test whether the VLAN and switch are functional.
         6. In Command Prompt, “Ping other computer in the different network” to test whether routing is enabled on the router.
         7. Sometimes ping is blocked; telnet can be used instead. If the connection fails, it returns an error message like "Could not open connection to the host, on port 104: Connect failed"; a screen that appears to hang means the connection was made but there is no interaction between user and server.
      iii. Test connectivity with hostname
         1. Ping the DNS server.
         2. Ping redhat.com and make sure it shows the following: “Pinging redhat.com 209.132.183.81 with 32 bytes of data:”
         3. ftp ftp.redhat.com
            Connected to ftp.redhat.com.
            220 Red Hat FTP server ready. All transfers are logged. (FTP) EPSV
            User (ftp.redhat.com:(none)):
         4. In a web browser, open “www.google.com”
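As an added example (not part of the original page), the Python code below parses the adapter fields of the "ipconfig /all" output shown in 7.b, classifies each address against the loopback and private ranges from section 3, and checks that the default gateway lies on the local subnet. The function names and the trimmed SAMPLE text are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: adapter lines trimmed from the "ipconfig /all" output in 7.b.
SAMPLE = """\
Ethernet adapter Local Area Connection:
        Physical Address. . . . . . . . . : 00-24-81-8E-2A-68
        IP Address. . . . . . . . . . . . : 156.145.34.196
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 156.145.34.1
        DHCP Server . . . . . . . . . . . : 156.111.60.150
        DNS Servers . . . . . . . . . . . : 10.112.74.48
                                            10.112.74.49
"""

# Private ranges as written in section 3; strict=False masks off the host bits.
PRIVATE = [ipaddress.ip_network(n, strict=False)
           for n in ("10.0.0.0/8", "172.16.0.1/12", "192.168.0.1/16")]

def parse_ipconfig(text):
    """Return {label: [values]}; an unlabelled line continues the previous field."""
    fields, last = {}, None
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z][A-Za-z \-]*?)[ .]*: (.+)$", line)
        if m:
            last = m.group(1).strip()
            fields.setdefault(last, []).append(m.group(2).strip())
        elif last and line.strip() and ":" not in line:
            fields[last].append(line.strip())
    return fields

def classify(addr):
    ip = ipaddress.ip_address(addr)
    if ip.is_loopback:
        return "loopback"
    return "private" if any(ip in net for net in PRIVATE) else "public"

def review(text):
    """Summarise one adapter: its subnet, whether the gateway is on it, address classes."""
    f = parse_ipconfig(text)
    iface = ipaddress.ip_interface(f"{f['IP Address'][0]}/{f['Subnet Mask'][0]}")
    gateway = ipaddress.ip_address(f["Default Gateway"][0])
    report = {"network": str(iface.network), "gateway_on_link": gateway in iface.network}
    for key in ("IP Address", "Default Gateway", "DHCP Server", "DNS Servers"):
        report[key] = [(a, classify(a)) for a in f[key]]
    return report

if __name__ == "__main__":
    print(review(SAMPLE))
```

On the page's sample the workstation, gateway and DHCP server classify as public while both DNS servers are private, which is useful to know before scoping a firewall exception by remote subnet.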
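Step 7 of the IP connectivity test falls back to telnet when ping is blocked. As an added example (not from the original page), this Python function makes the same single TCP connection attempt and separates the outcomes a troubleshooter needs to tell apart: connection made, actively refused, and silently dropped. The names tcp_check and demo are illustrative, and demo uses constructed sockets on 127.0.0.1 so it runs offline.

```python
import errno
import socket

def tcp_check(host, port, timeout=3.0):
    """Make one TCP connection attempt to host:port and classify the result.

    "open"      handshake completed (telnet's blank, hung-looking screen)
    "refused"   the host answered with a reset: reachable, nothing listening
    "filtered"  no answer before the timeout, typical of a firewall dropping packets
    "error: X"  name resolution or routing failure
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "filtered"
    except OSError as exc:
        return "error: " + errno.errorcode.get(exc.errno, str(exc))

def demo():
    """Constructed loopback demo: one listening port and one port with no listener."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))       # port 0 lets the OS choose a free port
    listener.listen(1)
    open_port = listener.getsockname()[1]
    spare = socket.socket()
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()                         # released again, so nothing listens here
    try:
        return (tcp_check("127.0.0.1", open_port),
                tcp_check("127.0.0.1", closed_port))
    finally:
        listener.close()

if __name__ == "__main__":
    print(demo())
```

For the DICOM case in step 7 the call would be tcp_check(host, 104); a "filtered" result usually points at a firewall rule rather than at the application.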